EC2 and GAE means end of ip address reputation industry? (Re: Intrustion attempts from Amazon EC2 IPs)

Al Iverson aiversonlists at
Sun Jun 22 18:24:43 UTC 2008

On Sun, Jun 22, 2008 at 11:55 AM, Andy Davidson <andy at> wrote:
> On 22 Jun 2008, at 17:17, Paul Vixie wrote:
>> with EC2, it's game-over for the IP reputation industry,

> I was discussing this on an e-commerce practitioners list earlier today, and
> argued basically that, from an abuse point of view, EC2 is the same as any
> other bad neighborhood, and that operators needing to make impact fast, will
> treat it as they do any other bad neighborhood.

I have to agree with Andy. There's simple math involved of how much
good mail versus how much bad mail is coming from a network, and very
few ISPs seem shy about blocking IPs or netblocks that cross those

Even if Paul is somehow correct about this becoming game changing for
the concept of IP reputation, good people (non-spammers) using the EC2
platform are going to run into a lot of delivery pain, as existing ISP
and blacklist reputation mechanisms have yet to give EC2 users a free
pass, from what I've observed so far.

I'm not going to pretend I manage inbound mail service for
thousands-to-millions of users (as most of the participants of other
lists like SPAM-L are fond of imagining themselves), but I know enough
about how IP reputation systems work at ISPs to know that if I did
manage inbound mail for such a userbase, the EC2 IPs would be blocked
repeatedly and often, and there would come a point where the blocks
escalate to /24s and larger, and there would come a point where the
blocks are removed slower and less often.

How the EC2 space is managed is not really new or exciting, as far as
outbound mail goes.

Al Iverson
Al Iverson on Spam and Deliverability, see
News, stats, info, and commentary on blacklists:
My personal website: -- Chicago, IL, USA
Remove "lists" from my email address to reach me faster and directly.

More information about the NANOG mailing list